The Women CyberSecurity Society is a networked community providing support, programs, services, workshops and events to advance women and minorities in a cybersecurity career.
Secure DevOps before DevSecOps
By Tony Rice - ISSA member, Raleigh Chapter
This article discusses the opportunities DevSecOps offers to stand up infrastructure in a consistent, secure way as well as move discovery of security flaws earlier and more often in the software development life cycle, with a back-to-basics view of securing access to these resources first.
DevSecOps: A Systemic Approach for Secure Software Development
By Seetharaman Jeganathan
The author reviews how security processes can be effectively embedded in the DevOps model to increase the success of IT projects in an organization.
Securing Terminology: Lessons from Interdisciplinary Research
By Delmer Nagy, Herbert Gomez, and Christopher Copeland
IT security is an inherently interdisciplinary practice. This creates an amalgam of terms, acronyms, and concepts potentially causing confusion. Given the evolving nature of terminology, the authors demonstrate how traditional communication strategies need to be reinforced to ensure that the knowledge of organizational stakeholders does not hinder organizational security efforts.
Changing the DevOps Culture One Security Scan at a Time
By Jon-Michael Lacek
This article discusses the ideology of information security being a roadblock when it comes to DevOps project management and execution and demonstrates that available pipeline plugins do not introduce significant delays into the release process and are able to identify the vulnerabilities detected by traditional application scanning tools.
The Python Programming Language: Relational Databases
By Constantinos Doskas - ISSA Senior Member, Northern Virginia Chapter
This article continues our discussion on database programming. In previous lessons we learned how to create SQL database tables, how to create INNER and LEFT JOIN, and how to ORDER the queries of tables by one or more columns. In this session we will learn how to combine data of multiple like tables and queries and create detailed or summary reports.
Approximately 20-25 women will be selected and begin training in several groups during late July/early August, with graduation in February 2020. Applicants must be US citizens or permanent residents, and can be seniors in college or career changers that do not have a previous professional background in cybersecurity. For additional information, please review the attached PDF or Academy website
Keywords: security training, security awareness, security training videos, machine learning, cloud training, devsecops training
Education: Help women identify and achieve the level of education and skills required to succeed in security and privacy positions across multiple industries.
Mentoring & Networking: Foster a community for knowledge-sharing, collaboration, mentorship, and networking.
Advancement: Support the career advancement of women in security and privacy.
Leadership: Increase thought leadership by women in security and privacy.
Enhanced by real-world experience, the INI's unique combination of rigorous technical and practical industry-oriented topics will empower you to be one of the movers and shakers of the tech industry.
Our programs provide an advanced, specialized curriculum combining computer science, electrical and computer engineering, software engineering and information systems while incorporating business and policy perspectives.
Through flexible, interdisciplinary curricula, INI students can customize their program experience to help them realize their career aspirations.
Become the driving force against the accelerating problem of potential cyber threats in your organization; earn the Cyber Risk Professional (CyRP) Certificate. Regardless of industry or technical background, CyRP will prepare business leaders to effectively identify, evaluate, prepare for and mitigate cybersecurity threats. The program highlights include:
CyRP is designed and taught by Pepperdine faculty and an interdisciplinary board of CISOs, executives and business thought leaders
Four comprehensive course modules
The certificate is equivalent to four continuing education credits
CyRP is thrilled to partner with the team at ITSPmagazine to create a unique learning experience driven by the students and the ITSPmagazine expert contributor community. Some of the dedicated resources the students will find include:
Dedicated student, faculty, and community Q&A platform
CyRP-tailored experts corner articles and chronicles
Educational webcasts and podcasts
The CyRP certification will equip you and other business leaders with the tools to be effective in the dialogue and management of cybersecurity risks. This certification will develop your understanding and expertise in:
The threat landscape
The "building to break" concept
Critical cyber risk frameworks
The risk-based approach to cybersecurity
Calculating the cost per breach, mitigation, and what this means for your bottom line
Strategic opportunities that strong cybersecurity brings
Additionally, this certification will provide you with the ability to answer the following questions:
How do I change my culture to embrace security?
What questions should I ask my board?
How much should I invest in security?
How do I speak to my executive team about cybersecurity?
What questions should I ask my CISO?
What does my board wish I would tell them about cybersecurity?
Business leaders in any function or industry that need to be effective in the dialogue and management of cyber risk inside his or her organization should consider taking this course and earning this certification. If you are a business leader interested in positioning your company more effectively against cyber risk and even potentially lowering your cyber liability premiums, you should sign up and inquire about group rates for your departments, divisions, or colleagues.
The CyRP program was designed by top professors, practitioners, leaders, and luminaries representing academia, government, and commercial organizations.